﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration;
using Microsoft.SharePoint.Administration.Claims;


namespace AIS.SharePoint.AspNetFBA.Code
{
    /// <summary>
    /// Handles claims & membership based operations for forms based authentication
    /// </summary>
    public class Claims
    {
        string _ClaimProviderName = null;
        System.Web.Security.MembershipProvider _ClaimMembershipProvider = null;

        public Claims()
        {
            // RULES for finding claims provider
            // 1) Load current zone
            // 2) If not an claims provider, check all other zones
            // 3) If still nothing, no claims supported

            SPIisSettings IISSetting = null;
            SPContext.Current.Site.WebApplication.IisSettings.TryGetValue(SPContext.Current.Site.Zone, out IISSetting);

            if (IISSetting == null || IISSetting.AuthenticationMode != System.Web.Configuration.AuthenticationMode.Forms)
            {
                IISSetting = null;
                foreach (SPUrlZone ZoneItem in Enum.GetValues(typeof(SPUrlZone)))
                {
                    SPIisSettings TestIISSetting = null;
                    SPContext.Current.Site.WebApplication.IisSettings.TryGetValue((SPUrlZone)ZoneItem, out TestIISSetting);
                    if ((TestIISSetting != null) && (TestIISSetting.AuthenticationMode == System.Web.Configuration.AuthenticationMode.Forms))
                    {
                        IISSetting = TestIISSetting;
                        break;
                    }
                }
            }
            

            if (IISSetting != null)
            {
                _ClaimProviderName = IISSetting.FormsClaimsAuthenticationProvider.MembershipProvider;
                _ClaimMembershipProvider = System.Web.Security.Membership.Providers[_ClaimProviderName];
            }
        }

        /// <summary>
        /// Returns the membership provider for forms based claims authentication
        /// </summary>
        public System.Web.Security.MembershipProvider MembershipProvider
        {
            get{ return _ClaimMembershipProvider;}
        }

        /// <summary>
        /// Returns a forms based claim for a given username
        /// </summary>
        /// <param name="userName">User name to generate claim against</param>
        /// <returns>Claim</returns>
        public SPClaim GetClaimForUserName(string userName)
        {
            SPClaim NewClaim = new SPClaim(SPClaimTypes.UserLogonName
                , userName
                , "http://www.w3.org/2001/XMLSchema#string"
                , SPOriginalIssuers.Format(SPOriginalIssuerType.Forms, _ClaimProviderName));
            return NewClaim;
        }

        /// <summary>
        /// Decodes the authentication mode used by a claim
        /// </summary>
        /// <param name="userClaim"></param>
        /// <returns></returns>
        public System.Web.Configuration.AuthenticationMode GetAuthenticationModeFromUserClaim(SPClaim userClaim)
        {
            System.Web.Configuration.AuthenticationMode AuthMode = System.Web.Configuration.AuthenticationMode.None;

            if (userClaim == null || userClaim.OriginalIssuer.IndexOf("Windows", 0, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                AuthMode = System.Web.Configuration.AuthenticationMode.Windows;
            }
            else if (userClaim.OriginalIssuer.IndexOf("Forms", 0, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                AuthMode = System.Web.Configuration.AuthenticationMode.Forms;
            }

            return AuthMode;
        }
    }
}
